公开(公告)号：US11645388B1

公开(公告)日：2023-05-09

申请号：US17080359

申请日：2020-10-26

Applicant: ARCHITECTURE TECHNOLOGY CORPORATION

Inventor： Colleen Kimball ,  Robert A. Joyce ,  Judson Powers ,  Matthew Donovan

IPC: G06F21/56 ,  G06F8/73 ,  G06N20/00 ,  G06F21/57

CPC classification number: G06F21/563 ,  G06F8/73 ,  G06F21/577 ,  G06N20/00 ,  G06F2221/033

Abstract: Disclosed herein are embodiments of systems, methods, and products that execute tools to identify non-malicious faults in source codes introduced by engineers and programmers. The tools may execute a machine learning model on the source codes to perform sentiment analysis and pattern analysis on information associated with the source codes to generate annotated source code files identifying anomalies based on the sentiment analysis and the pattern analysis. One or more threat levels are then identified and ranked based on the one or more anomalies and a ranked list of the one or more threat levels is displayed on a graphical user interface of a computer.

公开(公告)号：US11429713B1

公开(公告)日：2022-08-30

申请号：US16256810

申请日：2019-01-24

Applicant: ARCHITECTURE TECHNOLOGY CORPORATION

Inventor： Matthew Donovan ,  Paul Nicotera ,  Dahyun Hollister ,  Robert Joyce ,  Judson Powers

IPC: G06F21/53 ,  G06N3/04 ,  H04L9/40 ,  G06F21/55

Abstract: The methods and systems disclosed herein generally relate to automated execution and evaluation of computer network training exercises, such as in a virtual environment. A server generates a training system having a virtual attack machine and a virtual target machine where the virtual target machine is operatively controlled by a trainee computer. The server then executes a simulated cyber-attack and monitors/collects actions and responses by the trainee. The server then executes an artificial intelligence model to evaluate the trainee's action and to identify a subsequent simulated cyber-attack (e.g., a next step to the simulated cyber-attack). The server may then train the artificial intelligence model using various machine-learning techniques using the collected data during the exercise.

公开(公告)号：US10757132B1

公开(公告)日：2020-08-25

申请号：US15699884

申请日：2017-09-08

Applicant: Architecture Technology Corporation

Inventor： Judson Powers ,  Matthew Donovan

IPC: G09B9/00 ,  H04L29/06 ,  G06Q10/06

Abstract: An integrated adaptive learning system provides the functions of scenario development, exercise execution, exercise monitoring, exercise evaluation, exercise adaptation, and scenario feedback, which may be implemented in one or more of a scenario builder module, an exercise test module, an exercise controller module, an exercise performance monitor module, an exercise evaluation module, an exercise adaption module, and an exercise reporting and scenario feedback module. The modules, and other components of the integrated adaptive learning system may be implemented as a standalone physical training system, a training overlay to an existing physical system, and a virtual training system, or combinations thereof. In an aspect, the integrated adaptive learning system may be implemented as a physical or a virtual variable-fidelity cyber range.

公开(公告)号：US12032681B1

公开(公告)日：2024-07-09

申请号：US17896974

申请日：2022-08-26

Applicant: Architecture Technology Corporation

Inventor： Matthew Donovan ,  Paul Nicotera ,  Dahyun Hollister ,  Robert Joyce ,  Judson Powers

IPC: G06F21/53 ,  G06F21/55 ,  G06N3/04 ,  H04L9/40

CPC classification number: G06F21/53 ,  G06F21/552 ,  G06N3/04 ,  H04L63/1458

Abstract: The methods and systems disclosed herein generally relate to automated execution and evaluation of computer network training exercises, such as in a virtual environment. A server executes a first attack action by a virtual attack machine against a virtual target machine based on a cyber-attack scenario, wherein the virtual target machine is configured to be controlled by the user computer. The server receives a user response to the first attack action, determines, using a decision tree, a first proposed attack action based on the user response, and executes an artificial intelligence model to determine a second proposed attack action based on the user response. The server selects a subsequent attack action from the first proposed attack action and the second proposed attack action and executes the subsequent attack action by the virtual attack machine against the virtual target machine.

公开(公告)号：US11631340B2

公开(公告)日：2023-04-18

申请号：US17710631

申请日：2022-03-31

Applicant: Architecture Technology Corporation

Inventor： Matthew Donovan ,  Colleen Kimball

IPC: G09B19/00 ,  G09B5/10 ,  G09B5/12 ,  G09B9/00 ,  H04L9/40

Abstract: A computer-implemented adaptive group training method a computer accessing a virtual system and initiating a group training exercise for training a trainee group comprising one or more trainees, the group training exercise including one or more challenges to the virtual system, each of the one or more challenges including a pre-defined sequence of one or more injectable events; the computer controlling subsequent execution of the group training exercise comprising injecting the injectable events; and the computer evaluating performance of the trainee group during the subsequent execution of the group training exercise, including analyzing actions taken by the trainee group in response to each of the injections, and attributing one or more of the actions taken to a trainee.

公开(公告)号：US20200382548A1

公开(公告)日：2020-12-03

申请号：US16996148

申请日：2020-08-18

Applicant: Architecture Technology Corporation

Inventor： Judson Powers ,  Matthew Donovan

IPC: H04L29/06 ,  G09B9/00 ,  G06Q10/06

Abstract: A method for improving efficiency of a training program begins with a processor monitoring and adapting execution of a training exercise of the training program. The processor determines a training program effectiveness measure including determining trainee skill improvement demonstrated during the training exercise, and monitoring and determining correctness and timeliness of trainee actions during the training exercise. The processor then determines a training program cost measure by determining a first monetary cost for the execution of the at least one training exercise, determining a second monetary cost associated with trainee manhours for the training exercise, and generating the training program cost measure based on the first and second monetary costs. The processor then computes a ratio of the training program effectiveness measure to the training program cost measure.

公开(公告)号：US11985159B1

公开(公告)日：2024-05-14

申请号：US17884908

申请日：2022-08-10

Applicant: Architecture Technology Corporation

Inventor： Judson Powers ,  Matthew Donovan

IPC: G09B9/00 ,  G06Q10/0639 ,  H04L9/40

CPC classification number: H04L63/1441 ,  G06Q10/06398 ,  G09B9/003 ,  H04L63/1416

Abstract: A method for improving efficiency of a training program begins with a processor monitoring and adapting execution of a training exercise of the training program. The processor determines a training program effectiveness measure including determining trainee skill improvement demonstrated during the training exercise, and monitoring and determining correctness and timeliness of trainee actions during the training exercise. The processor then determines a training program cost measure by determining a first monetary cost for the execution of the at least one training exercise, determining a second monetary cost associated with trainee man-hours for the training exercise, and generating the training program cost measure based on the first and second monetary costs. The processor then computes a ratio of the training program effectiveness measure to the training program cost measure.

公开(公告)号：US11714884B1

公开(公告)日：2023-08-01

申请号：US17833159

申请日：2022-06-06

Applicant: Architecture Technology Corporation

Inventor： Joseph Sirianni ,  Matthew Donovan

IPC: G06F21/12 ,  H04L9/40 ,  G06F21/60 ,  H04W12/08

CPC classification number: G06F21/123 ,  G06F21/604 ,  H04L63/101 ,  H04W12/08

Abstract: A method for detecting, identifying, and mitigating advanced persistent threats in a computer network having one or more computers includes a processor in the computer network: receiving a request to access a resource in the computer network; identifying the request as originating from an application executing on the computer network; executing an anomaly operation to determine a behavior of the application is one of anomalous and not anomalous; executing a privilege operation to determine the request is one of permanently allowed and not-permanently allowed; granting access to the resource for both a non-anomalous-behaving application and a permanently allowed request; and generating and displaying, on a graphical user interface of the computer network, and prompt for either an anomalous-behaving application or a not-permanently allowed request.

公开(公告)号：US11354386B2

公开(公告)日：2022-06-07

申请号：US16839728

申请日：2020-04-03

Applicant: Architecture Technology Corporation

Inventor： Joseph Sirianni ,  Matthew Donovan

IPC: G06F21/12 ,  G06F21/60 ,  H04W12/08 ,  H04L9/40

Abstract: A method for detecting, identifying, and mitigating advanced persistent threats in a computer network having one or more computers includes a processor in the computer network: receiving a request to access a resource in the computer network; identifying the request as originating from an application executing on the computer network; executing an anomaly operation to determine a behavior of the application is one of anomalous and not anomalous; executing a privilege operation to determine the request is one of permanently allowed and not-permanently allowed; granting access to the resource for both a non-anomalous-behaving application and a permanently allowed request; and generating and displaying, on a graphical user interface of the computer network, and prompt for either an anomalous-behaving application or a not-permanently allowed request.

公开(公告)号：US11302215B2

公开(公告)日：2022-04-12

申请号：US16806226

申请日：2020-03-02

Applicant: Architecture Technology Corporation

Inventor： Matthew Donovan ,  Colleen Kimball

IPC: G09B19/00 ,  G09B5/10 ,  G09B9/00 ,  G09B5/12 ,  H04L29/06

Abstract: A computer-implemented adaptive group training method a computer accessing a virtual system and initiating a group training exercise for training a trainee group comprising one or more trainees, the group training exercise including one or more challenges to the virtual system, each of the one or more challenges including a pre-defined sequence of one or more injectable events; the computer controlling subsequent execution of the group training exercise comprising injecting the injectable events; and the computer evaluating performance of the trainee group during the subsequent execution of the group training exercise, including analyzing actions taken by the trainee group in response to each of the injections, and attributing one or more of the actions taken to a trainee.